Generate xpack SSL certificates with longer expiry date

smiley_tamy · January 16, 2023, 7:50pm

When we generate SSL certificates with elasticsearch-certutil, we get them with the expiry of 3 years
Is there a way that we can generate the certificates with longer expiry date such as 5 years or so.
Is it possible to mention the expiry while creating the certificates

stephenb · January 16, 2023, 7:53pm

Hi @smiley_tamy

Per the docs here us the days parameter with certain restrictions.

--days <n>
Specifies an integer value that represents the number of days the generated certificates are valid. The default value is 1095. This parameter cannot be used with the csr or http parameters.

smiley_tamy · January 16, 2023, 7:56pm

Thank you for the quick reply

system · February 13, 2023, 7:57pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Extend the expiry of the certificates Elasticsearch	6	375	December 8, 2023
How do I extend the SSL Certificate expiry period?s Elasticsearch elastic-stack-security	5	2165	December 15, 2022
What impact will the SSL certificate expiration in the file elastic-certificates.p12 have? Elasticsearch	9	187	April 2, 2024
Generate certificates after expiring Elasticsearch	2	30	October 30, 2024
Self-signed certificate expiration date and the ES cluster transport layer Elasticsearch	3	3558	March 31, 2020

Generate xpack SSL certificates with longer expiry date

Related topics